- CheckMates
- :
- Products
- :
- Quantum
- :
- Security Gateways
- :
- Re: URL Filtering https disabled
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
URL Filtering https disabled
Hi CheckMates
I have a gateway running R81.20 and trying to do url filtering but it's not working as expected. Not blocking the categories.
Is https inspection a pre-requisite for url filtering?
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks all, eventually got it working. I enabled the blade under the standard policy. As Lend mentioned, it's not showing any block pages, guess will have to enable https for that.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
No its not.
Make sure you have categorize https sites enabled under management & settigns > blades > app control url filtering
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks Gojira, I do have these settings enabled.
It's worth mentioning that the deployment is in a bridged mode. I have 2 interfaces, one in and one for outgoing.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
What do you have configured in the destination field of the policy (Any), does the logs see the traffic as HTTPS or QUIC (you may have to block the latter)?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Well, put it this way. You can have pages blocked, BUT, it will look goofy, for the lack of the better term, as block page will never show up. If you need help, I have perfectly working lab, so can show you.
Best,
Andy
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Also, to add to my last comment, FWIW...without ssl inspection, firewall cant be "man in the middle (MITM)", so nothing to inspect to begin with, tus you would never see the block page. Also, considering that literally 99.99% of the sites nowdays are https, it only makes sense to have that enabled. You wont see much difference in cpu/memory if you are running powerful hardware.
Andy
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks all, eventually got it working. I enabled the blade under the standard policy. As Lend mentioned, it's not showing any block pages, guess will have to enable https for that.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
That looks right. I sent the link I made about this on community while ago, so you can also refere to it.
Andy
https://community.checkpoint.com/t5/Security-Gateways/Https-inspection-lab-guide/m-p/214429#M40929